crypto

package
v0.0.0-...-0117b6e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 2, 2024 License: Apache-2.0 Imports: 14 Imported by: 1

Documentation

Overview

crypto package provides methods to encrypt and decrypt data

crypto package provides methods to encrypt and decrypt data

Index

Constants

View Source 
const KMSKeySizeInBytes int64 = 64

KMSKeySizeInBytes is the key size that is fetched from KMS. 64 bytes key is split into two halves. First half 32 bytes key is used by agent for encryption and second half 32 bytes by clients like cli/console

Variables

This section is empty.

Functions

This section is empty.

Types

type BlockCipher 

type BlockCipher struct {
	// contains filtered or unexported fields
}

func NewBlockCipher 

func NewBlockCipher(context context.T, kmsKeyId string) (blockCipher *BlockCipher, err error)

NewBlockCipher creates a new block cipher

func NewBlockCipherKMS 

func NewBlockCipherKMS(kmsKeyId string, kmsService IKMSService) (blockCipher *BlockCipher, err error)

NewBlockCipherKMS creates a new block cipher with a provided IKMService instance

func (*BlockCipher) DecryptWithAESGCM 

func (blockCipher *BlockCipher) DecryptWithAESGCM(cipherText []byte) (plainText []byte, err error)

DecryptWithGCM decrypts cipher text using AES block cipher GCM mode

func (*BlockCipher) EncryptWithAESGCM 

func (blockCipher *BlockCipher) EncryptWithAESGCM(plainText []byte) (cipherText []byte, err error)

EncryptWithGCM encrypts plain text using AES block cipher GCM mode

func (*BlockCipher) GetCipherTextKey 

func (blockCipher *BlockCipher) GetCipherTextKey() (cipherTextKey []byte)

GetCipherTextKey returns cipherTextKey from BlockCipher

func (*BlockCipher) GetKMSKeyId 

func (blockCipher *BlockCipher) GetKMSKeyId() (kmsKey string)

GetKMSKeyId returns kmsKeyId from BlockCipher

func (*BlockCipher) UpdateEncryptionKey 

func (blockCipher *BlockCipher) UpdateEncryptionKey(log log.T, cipherTextBlob []byte, sessionId string, instanceId string) error

UpdateEncryptionKey receives cipherTextBlob and calls kms::Decrypt to receive the encryption data key

type IBlockCipher 

type IBlockCipher interface {
	UpdateEncryptionKey(log log.T, cipherTextKey []byte, sessionId string, instanceId string) error
	EncryptWithAESGCM(plainText []byte) (cipherText []byte, err error)
	DecryptWithAESGCM(cipherText []byte) (plainText []byte, err error)
	GetCipherTextKey() (cipherTextKey []byte)
	GetKMSKeyId() (kmsKey string)
}

type IKMSService 

type IKMSService interface {
	Decrypt(cipherTextBlob []byte, encryptionContext map[string]*string) (plainText []byte, err error)
}

type KMSService 

type KMSService struct {
	// contains filtered or unexported fields
}

func NewKMSService 

func NewKMSService(context context.T) (kmsService *KMSService, err error)

NewKMSService creates a new KMSService instance

func (*KMSService) Decrypt 

func (kmsService *KMSService) Decrypt(cipherTextBlob []byte, encryptionContext map[string]*string) (plainText []byte, err error)

Decrypt will get the plaintext key from KMS service

Source Files

View all Source files

Directories

Path Synopsis
Code generated by mockery v1.0.0
 Code generated by mockery v1.0.0

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.